Proceedings Paper

Wireless sensor networks (WSN) and mobile ad hoc networks (MANET) are being increasingly deployed in critical
applications due to the flexibility and extensibility of the technology. While these networks possess numerous
advantages over traditional wireless systems in dynamic environments they are still vulnerable to many of the same
types of host-based and distributed attacks common to those systems. Unfortunately, the limited power and bandwidth
available in WSNs and MANETs, combined with the dynamic connectivity that is a defining characteristic of the
technology, makes it extremely difficult to utilize traditional intrusion detection techniques. This paper describes an
approach to accurately and efficiently detect potentially damaging activity in WSNs and MANETs. It enables the
network as a whole to recognize attacks, anomalies, and potential vulnerabilities in a distributive manner that reflects the
autonomic processes of biological systems. Each component of the network recognizes activity in its local environment
and then contributes to the overall situational awareness of the entire system. The approach utilizes agent-based swarm
intelligence to adaptively identify potential data sources on each node and on adjacent nodes throughout the network.
The swarm agents then self-organize into modular neural networks that utilize a reinforcement learning algorithm to
identify relevant behavior patterns in the data without supervision. Once the modular neural networks have established
interconnectivity both locally and with neighboring nodes the analysis of events within the network can be conducted
collectively in real-time. The approach has been shown to be extremely effective in identifying distributed network
attacks.